[Ach] Vote for new Cipherstring B [Was: Issue with OpenSSL >0.9.8l]
Aaron Zauner
azet at azet.org
Wed Jun 4 01:41:25 CEST 2014
Hi *,
christian mock wrote:
> OK, just trying to bring this up after today's meeting -- can we find
> an agreement on the "drop AES/CAMELLIA 256" issue? And if we do, can
> we also drop SHA384, to further simplify the cipher string?
>
> My vote: drop *256 and SHA384.
>
+1 on dropping SHA384. my position on dropping all symmetric 256bit
ciphers is clear. Cryptographic hash functions provide security n-bit/2
[0] - which means SHA256 will suffice
Aaron
[0] https://en.wikipedia.org/wiki/Hash_function_security_summary
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20140604/488cc2c3/attachment.sig>
More information about the Ach
mailing list